CREATE SERVICE ACCOUNT reference
To create a new service account in the database, the CREATE SERVICE ACCOUNT
keywords are used.
For full documentation of the Access Control List and Role-based Access Control, see the RBAC operations page.
Role-based Access Control (RBAC) operations are only available in QuestDB Enterprise.
Syntax
Description
CREATE SERVICE ACCOUNT adds a new service account with no permissions.
The chosen name must be unique across all users (including the built-in admin),
groups and service accounts. If the name has already been reserved, the command
fails and an error is raised, unless the IF NOT EXISTS clause is included in
the statement.
Note that new service accounts can only access the database if the necessary endpoint permissions have been granted.
The user creating the service account automatically receives the
ASSUME SERVICE ACCOUNT permission, unless the OWNED BY clause is present, in
which case the permission is granted to the user or group specified in the
clause.
Examples
CREATE SERVICE ACCOUNT audit;
CREATE SERVICE ACCOUNT IF NOT EXISTS audit;
CREATE GROUP analysts;
CREATE SERVICE ACCOUNT dashboard OWNED BY analysts;
It can be verified with:
SHOW SERVICE ACCOUNT audit;
that yields:
| auth_type | enabled |
|---|---|
| Password | false |
| JWK Token | false |
| REST Token | false |